everything i touch breaks. (mostly by accident)
blog: https://bibor.exploit.bar
Never let anyone try to talk you out of a quick half hour DIY project. Those three hours will be the best six days of your life.
@sj chaotic alignment was lacking so I created a chart

RE: https://zug.network/@simonschre/116476128728613941

Awesome, finally there is usable passenger information

I just hate how models are increasingly becoming better with the fun parts of my job, like finding vulnerabilities, and not at all becoming better with the boring parts of my job, like writing compliance documents.

I reported an insecure DKIM key to Deutsche Telekom / T-Systems. They first asked me to further explain things (not sure why 'Here's your DKIM private key' needs more explanation, but whatever...). Then they told me it's out of scope for their bug bounty.

I guess then there's really no reason not to tell you: They have a 384 bit RSA DKIM key configured at: dkim._domainkey.t-systems.nl

384 bit RSA is... how shall I put it? I think 512 bit is the lowest RSA key size that was ever really used. 384 bit RSA is crackable in a few hours on a modern PC (using cado-nfs). The private key is:

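A defender-side check for the weakness described in the post above, added here as an example and not part of the original post: it reads the `p=` tag of a DKIM TXT record, walks the DER SubjectPublicKeyInfo and reports the RSA modulus size. The function names, the 1024-bit floor (taken from RFC 8301) and the constructed sample record with a placeholder modulus are assumptions of this example.

```python
import base64

MIN_BITS = 1024  # RFC 8301: RSA DKIM keys below 1024 bits must not be accepted

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def dkim_rsa_bits(txt):
    """Modulus size in bits of the RSA key in a DKIM TXT record's p= tag."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)  # base64 padding stays in the value
            tags[name.strip()] = "".join(value.split())  # drop folding whitespace
    if tags.get("k", "rsa") != "rsa":
        raise ValueError("not an RSA key")
    der = base64.b64decode(tags["p"])
    # SubjectPublicKeyInfo: SEQUENCE { AlgorithmIdentifier, BIT STRING { RSAPublicKey } }
    _, body, _ = _read_tlv(der, 0)
    _, _, alg_end = _read_tlv(der, body)  # skip AlgorithmIdentifier
    tag, bits_start, _ = _read_tlv(der, alg_end)
    if tag != 0x03:
        raise ValueError("expected BIT STRING")
    _, rsa_body, _ = _read_tlv(der, bits_start + 1)  # +1 skips the unused-bits byte
    _, mod_start, mod_end = _read_tlv(der, rsa_body)  # first INTEGER is the modulus
    return int.from_bytes(der[mod_start:mod_end], "big").bit_length()

def is_weak(txt):
    """True when the published RSA key is below the RFC 8301 minimum."""
    return dkim_rsa_bits(txt) < MIN_BITS

# --- constructed sample input (placeholder modulus, not a real key) ---
def _tlv(tag, value):
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def sample_record(bits):
    """Build a DKIM TXT record whose RSA modulus has exactly `bits` bits."""
    integer = lambda v: _tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))
    rsa_pub = _tlv(0x30, integer((1 << (bits - 1)) | 1) + integer(65537))
    alg = _tlv(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption, NULL
    spki = _tlv(0x30, alg + _tlv(0x03, b"\x00" + rsa_pub))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()
```

Run `is_weak()` over the TXT records of every selector you publish; a record built with `sample_record(384)` is flagged, one built with `sample_record(2048)` is not.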
In case anyone from the IT bubble is up for a little adventure.

IT engineer for overwintering at Neumayer Station III (m/f/d/x)

https://jobs.awi.de/Vacancies/2121/Description/1

#fedijobs
#job
#jobs
#it
#admin

Something I would like to say more often is "We shouldn't do this, because we do not understand the consequences well enough." But it's hard to defend against folks who, in my opinion, overestimate their understanding and press for its implementation.

I don't think this will happen btw. I guess that there will be 10x more unpatched vulns in shiny dashboards.

But maybe this is my IACS-perspective speaking :P

IT'S HAPPENING

GITHUB, THE FIRST ENTERPRISE CLOUD SOLUTION TO REACH ZERO NINES RELIABILITY

https://mrshu.github.io/github-statuses/

#github